<?php
//本页面实现注册功能
require '../models/init.php';

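/**
 * Show a message in a JavaScript alert, send the browser back one page,
 * and stop the script.
 *
 * The message is emitted as a JSON-encoded JavaScript string literal rather
 * than being pasted between quotes, so a quote, backslash, newline or
 * "</script>" inside it cannot end the literal or the script element.
 *
 * @param string $info Message to display in the alert box.
 * @return void Does not return; the script exits.
 */
function gotoPage($info){
    // JSON_HEX_* turns < > & ' " into \uXXXX escapes, which keeps the literal
    // inert inside an inline <script> block.
    $literal = json_encode((string) $info, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($literal === false) {
        // Encoding fails on invalid UTF-8; fall back to an empty message
        // instead of emitting broken JavaScript.
        $literal = '""';
    }

    echo '<script>';
    echo "alert({$literal});";
    echo 'window.history.back();';
    echo '</script>';
    exit; // stop right after emitting the redirect so no later code runs
}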

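// Registration handler: a POST validates the form and creates the account,
// any other request renders the registration form.
if (!empty($_POST)) {

    // Expected form fields: username, truename, password, repassword,
    // email, phone, key (captcha answer), Submit.
    $regstae = true; // stays true only while every validation step passes
    $msg = '';       // accumulated error text shown to the user

    // Captcha check.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $expectedCaptcha = (isset($_SESSION['captcha']) && is_scalar($_SESSION['captcha']))
        ? strtolower((string) $_SESSION['captcha'])
        : '';
    $givenCaptcha = (isset($_POST['key']) && is_string($_POST['key']))
        ? strtolower($_POST['key'])
        : '';
    // A captcha is valid for one submission only. Without this, one solved
    // captcha could be replayed for any number of registration attempts.
    // The form has to request a fresh captcha after every submit.
    unset($_SESSION['captcha']);
    // An absent or empty session captcha must fail: otherwise a request that
    // never loaded the captcha passes by sending an empty answer. The strict,
    // string-only comparison also avoids loose numeric-string equality
    // (e.g. "1e1" == "10").
    if ($expectedCaptcha === '' || !hash_equals($expectedCaptcha, $givenCaptcha)) {
        $msg .= '验证码不正确';
        $regstae = false;
    }

    // Collect the form fields. A missing or non-string value (e.g. an array
    // sent as username[]=x) is treated as empty instead of raising an error.
    $data = [];
    foreach (['username', 'truename', 'password', 'repassword', 'email', 'phone'] as $field) {
        $data[$field] = (isset($_POST[$field]) && is_string($_POST[$field]))
            ? trim($_POST[$field])
            : '';
    }

    // Required fields.
    if ($data['username'] === '' || $data['truename'] === '' || $data['password'] === '') {
        $msg .= '必填数据不能为空！';
        $regstae = false;
    }

    // Strict comparison: with != two different numeric strings such as
    // "1e3" and "1000" would count as the same password.
    if ($data['password'] !== $data['repassword']) {
        $msg .= '密码和确认密码不相等';
        $regstae = false;
    }

    include '../models/check_form.lib.php'; // form validation helpers

    // Username format.
    if (!checkUsername($data['username'])) {
        $msg .= '用户名不符合要求，要2~20位！';
        $regstae = false;
    }

    // Real name format.
    if (!checkTruename($data['truename'])) {
        $msg .= '姓名不符合要求，要2~20位！';
        $regstae = false;
    }

    // Password format.
    if (!checkPassword($data['password'])) {
        $msg .= '密码格式不符合要求，要6~16位！';
        $regstae = false;
    }

    // E-mail format.
    if (!checkEmail($data['email'])) {
        $msg .= '邮箱格式不正确！';
        $regstae = false;
    }

    // Phone format.
    if (!checkPhone($data['phone'])) {
        $msg .= '手机格式不正确！';
        $regstae = false;
    }

    // Stop before touching the database when the captcha or any field is
    // invalid, so the username lookup below cannot be used to probe for
    // existing accounts without solving a captcha.
    if (!$regstae) {
        gotoPage($msg);
    }

    $link = db_connect();
    if (!$link) {
        gotoPage('系统繁忙，请稍后重试！');
    }

    // Escape every value before it is placed into SQL text.
    // NOTE(review): str_handle() is defined elsewhere and is presumably an
    // escaping wrapper; confirm it calls mysqli_real_escape_string() on this
    // connection and that the connection charset is set explicitly. Bound
    // parameters (mysqli_prepare) would remove that dependency, but the
    // password below is hashed from the escaped value, so the login path
    // would have to change in the same step.
    foreach ($data as $k => $v) {
        $data[$k] = str_handle($link, $v);
    }

    // Reject a username that is already taken.
    // NOTE(review): check-then-insert is racy under concurrent requests; a
    // UNIQUE index on `user`.`username` is what actually guarantees it.
    $res = mysqli_query($link, "SELECT 1 FROM `user` WHERE `username`='{$data['username']}' LIMIT 1");
    if ($res === false) {
        mysqli_close($link);
        gotoPage('系统繁忙，请稍后重试！');
    }
    $taken = mysqli_num_rows($res) > 0;
    mysqli_free_result($res);
    if ($taken) {
        mysqli_close($link);
        gotoPage('该用户名已经注册！');
    }

    // Derive the stored password value from the password and a fresh salt.
    // NOTE(review): salt() and get_Password() are defined elsewhere; confirm
    // the salt comes from a CSPRNG and the hash is a slow password hash
    // (e.g. password_hash) rather than a fast digest.
    $salt = salt();
    $dbpw = get_Password($data['password'], $salt);

    // Build the INSERT from the escaped values.
    $sql = "INSERT INTO `user`( `username`, `truename`, `password`, `salt`, `email`, `phone`, `state`) VALUES ('{$data['username']}','{$data['truename']}','{$dbpw}','{$salt}','{$data['email']}','{$data['phone']}',1)";

    $result = mysqli_query($link, $sql);

    if (!$result) {
        // Report the failure instead of leaving the user on a blank page.
        mysqli_close($link);
        gotoPage('注册失败，请稍后重试！');
    }

    echo '<script>';
    echo "alert('注册成功，点击确定立即登录吧！');";
    echo 'window.location.href = "../views/login.html";';
    echo '</script>';

    mysqli_close($link);
} else {
    include 'reg.html';
}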
